How are you stopping the sploggy new registrations?

I use WPMU-Block-Spam-By-Math to stop them from registering. I also don’t allow new users to create a blog (they have to ask).

There are a lot of spam plugins for free on the official WordPress plugin repository.

Also read these posts: https://wpmututorials.com/tag/spam/

Thanks Ipstenu ..

Will that .htaccess script from 2009 still work today on 3.0?
https://www.darcynorman.net/2009/05/20/stopping-spamblog-registration-in-wordpress-multiuser/ .. it looks hopeful.

I tried the Block Spam By Math plugin and it didn’t stop the registrations for me. But, I deactivated it when I moved on to try another plugin … Most of the spam-free plugins (that I found in the plugin repository) were more for the comment spam. I’ll take another look.

I’m using it now and it doesn’t ‘not’ work, if that makes sense ??

There are plugins like Bad Behavior which stop spammers from accessing your site at all, but really do try the .htaccess one. ??

So – I just enabled the registration – and nothing worked – the .htaccess or the plugin and combination of plugins.

However … maybe someone here can advise – if this is the right .htaccess code I need? I am using the domain.com/folder/ setup instead of the subdomain.domain.com setup..

This is what I have – copied from that link above:

# BEGIN ANTISPAMBLOG REGISTRATION
RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-signup.php*
RewriteCond %{HTTP_REFERER} !.petlvr-blogs.com. [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) https://diespammers.com/ [R=301,L]

I’ve had 18 new registrations since I’ve re-allowed registration (exactly 60 minutes later), and implemented the above code. Obviously, something is wrong – (besides wordpress mu 3.0 not having better spam control) – with that .htaccess code.

I have 3 plugins, .htacess, and individual IP banning in place. It makes me mad.

It sure took the cake today when AFTER I disabled all registration yesterday … and 4 new splog users/sites were created on my blog today

Go to Super Admin -> Options. Uncheck “allow users to add new users”. THAT is how they get in. If one gets in, they let in their little friends.

(actually, if this re-checks itself, you can fix it in the db.)

There’s tons of ways to stop them, none of which you listed. ?? (Sorry.)

the hashcache plugin works.
renaming the signup page is a hack, but it sure does work.
bad behaviour will help.

and I’ve also covered this quite a bit in my blog already…

Obviously, something is wrong – (besides wordpress mu 3.0 not having better spam control) –

If you have open registrations in wordpress 3.0 with the network running, that’s your responsibility. ?? Got Akismet?

Go to Super Admin -> Options. Uncheck “allow users to add new users”. THAT is how they get in. If one gets in, they let in their little friends

.

if you mean the following, it has always been unchecked with my installation: Allow site administrators to add new users to their site via the “Users->Add New” page.

This WP-HashCash Plugin is new to me (https://www.ads-software.com/extend/plugins/wp-hashcash/) .. and although it says Compatible up to: 2.9.2 … I will give it a try – it gives me new hope // thanks!

I have been plagued by spam users for a while (having installed hashcash and akismet etc) but then unchecking the “allow users to add new users” option has given me new hope of a spam-free day! I thought i had cleared all the spam users out, but there must be one or two still registered who were letting others in…

Part of the problem with explaining how to stop the sploggers is they read these threads too. ?? (hi! knock it off, will ya??)

I find it more effective to block things at the server level. Stop xmlrpc requests, for example.

Is there a way to setup a timer so when a new user registers they can not create a blog for a set amount of time? Maybe a timer for how long before a blog becomes public? OR a setting such that all new blog default to private?

Thoughts?

Yeah you could do that.

Which and can you direct me to the plug-in, because I’m in need of one of those solutions.

Thanks,

Ed

I didn’t say there was a plugin, only that it could be done.

Yeah … that’s a tough one .. knowing that the spammers read these threads too although, I don’t think that should be the underlying reason to keep the GOOD STUFF quiet!

In the past 15 hours since my last comment above – when I installed the WP-HASHCASH plugin (and granted, I’m not sure if it’s just this or in combination with my other plugins already activated) but

>> Number of Spam Registrations: ZERO.

??

My use of hashcash and not allowing users to create new users (posted above) seems to have done the trick too!

ZERO new sploggers in 13 hours!